class DrivingLessonsController < ApplicationController
  before_filter :authenticate!
  before_filter :protect_from_student, :except => [:show]
  before_filter :protect_from_instructor, :only => [:index]
  before_filter :correct_user
  # GET /driving_lessons
  # GET /driving_lessons.json
  def index
    if @current_user.instructor?
      @driving_lessons = @current_user.usable.driving_lessons
    else
      @driving_lessons = DrivingLesson.all
    end

    respond_to do |format|
      format.html # index.html.erb
      format.json { render json: @driving_lessons }
    end
  end

  # GET /driving_lessons/1
  # GET /driving_lessons/1.json
  def show
    @timeslot = Timeslot.find(params[:timeslot_id])
    @driving_lesson = @timeslot.driving_lesson

    respond_to do |format|
      format.html # show.html.erb
      format.json { render json: @driving_lesson }
    end
  end

  # GET /driving_lessons/new
  # GET /driving_lessons/new.json
  def new
    @timeslot = Timeslot.find(params[:timeslot_id])
    @topics = Topic.all
    @cars = Car.all
    @driving_lesson = DrivingLesson.new

    respond_to do |format|
      format.html # new.html.erb
      format.json { render json: @driving_lesson }
    end
  end

  # GET /driving_lessons/1/edit
  def edit
    @timeslot = Timeslot.find(params[:timeslot_id])
    @topics = Topic.all
    @cars = Car.all
    @driving_lesson = @timeslot.driving_lesson
  end

  # POST /driving_lessons
  # POST /driving_lessons.json
  def create
    @timeslot = Timeslot.find(params[:timeslot_id])
    @topics = Topic.all
    @cars = Car.all
    @data = params[:driving_lesson]
    @data[:topic] = Topic.find(@data[:topic])
    @data[:car] = Car.find(@data[:car])
    @data[:timeslot] = @timeslot
    @driving_lesson = DrivingLesson.new(@data)

    respond_to do |format|
      if @driving_lesson.save
        format.html { redirect_to timeslot_driving_lesson_url(@timeslot), notice: 'Driving lesson was successfully created.' }
        format.json { render json: @driving_lesson, status: :created, location: @driving_lesson }
      else
        format.html { render action: "new" }
        format.json { render json: @driving_lesson.errors, status: :unprocessable_entity }
      end
    end
  end

  # PUT /driving_lessons/1
  # PUT /driving_lessons/1.json
  def update
    @timeslot = Timeslot.find(params[:timeslot_id])
    @driving_lesson = @timeslot.driving_lesson
    @topics = Topic.all
    @cars = Car.all
    @data = params[:driving_lesson]
    @data[:topic] = Topic.find(@data[:topic])
    @data[:car] = Car.find(@data[:car])
    @data[:timeslot] = @timeslot

    respond_to do |format|
      if @driving_lesson.update_attributes(@data)
        format.html { redirect_to timeslot_driving_lesson_url(@timeslot), notice: 'Driving lesson was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: "edit" }
        format.json { render json: @driving_lesson.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /driving_lessons/1
  # DELETE /driving_lessons/1.json
  def destroy
    @timeslot = Timeslot.find(params[:timeslot_id])
    @driving_lesson = @timeslot.driving_lesson
    @driving_lesson.destroy

    respond_to do |format|
      format.html { redirect_to driving_lessons_instructor_url(@current_user.usable) }
      format.json { head :no_content }
    end
  end

  def correct_user
    @driving_lesson = Timeslot.find(params[:timeslot_id]).driving_lesson
    @timeslot = Timeslot.find(params[:timeslot_id])
    if @current_user.student?
      unless @current_user.usable.id == @driving_lesson.student.id
        redirect_to actions_url, :alert => "Not authorized to view this driving lesson"
      end
    else
      unless @current_user.usable.id == @timeslot.instructor.id
        redirect_to actions_url, :alert => "Not authorized to view this driving lesson"
      end
    end
  end
end
